Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

cisco CSM 4.0 large deloyment

Hi!

when i can get information about hardware requirements for management of up to 2000 security devises? (IPS's and ASA's)  ?

Everyone's tags (2)
5 REPLIES
New Member

Re: cisco CSM 4.0 large deloyment

Sizing and scale for Cisco Security Manager is discussed in the following documentation:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.0/deployment/guide/cmsdg40.html

New Member

Re: cisco CSM 4.0 large deloyment

Hi!

hardware requremets for large enterprizes stests that only up to 500 devices can be managed...?

New Member

Re: cisco CSM 4.0 large deloyment

I would reach out to your SE or reseller to verify, but I believe they are starting to recommend more of a finite limit on CS Manager managed devices. 

New Member

Re: cisco CSM 4.0 large deloyment

Hi!

any ideas?

Cisco Employee

Re: cisco CSM 4.0 large deloyment

Alex,

let's go back to the design guide. 500 is the recommended number of device for that hw, however there is no hard limit on the number of device that you can import. So there are chance that if you import 2000 device your CSM still works fine.

However this really depends on the number/complexity of the policies you have on these devices and you might hit peformance issue even with less then 500 devices if these policies are too complex, as stated in the doc:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.0/deployment/guide/cmsdg40.html#wp44044

Now, most likely 2000 device on a single server might be too much and you might notice some performance hit, so you might want to use different servers to manage your devices (this is usually good choice). The way you organize your servers is arbitrary (you can do per location, per device type per technology etc...) An idea on how to organize multiple servers is given in the deployment guide as well:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.0/deployment/guide/cmsdg40.html#wp45159

I advice anyway to reach your Account Team, they will be able to suggest the solution that best fits your requirements

Hope this helps

Stefano

707
Views
4
Helpful
5
Replies
CreatePlease login to create content